• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.11
• /
• pp.1996-2001
• /
• 2006

Open System Authentication Method, Shared Key Method, Mac Based Authentication Method are very hard to use in wireless network that needs security. So now, many researches have been performed about 802.1x and user authentication method applying PKI. but certificate verification protocol has been used abolished list called CRL since it's first usage of PKI, there were still has a problem about distribution point. This paper applied CVS to use CA direct not to use CRL and OSCP server in order to improve this problems. Also It suggested the system that can make authentication steps more shorter using authentication server and Mutual authentication system by public certificate(small size/low speed wireless terminal can access to wireless network fast and safely)

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.739-743
• /
• 2004

The Grid VO(Virtual Organization) is temporary VO where gather indivisual, authority, or system resource, differ from previous VO concept that controled by internal principal and policy set. It have many problems in case of indivisuals, authorities, or system resources that became member of some Grid VO at same time and combination followed changing condition of system resource for building Grid VO. This paper propose lightweighted Grid VO authentication system based on XML security to solve the authentication of the problems occuring in building Grid VO. In this paper, Grid VO authentication system is including Grid VO authentication module that is intermediate management system in PKI to previous authentication service structure and provide effective authentication service to Grid VO.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.1
• /
• pp.902-905
• /
• 2005

In this paper we challenge the mobile node Authentication using Java Card authentication protocol in Ad-hoc network environment. Ad-hoc network is a collection of wireless mobile nodes without the support of a stationary infrastructure. and DSR routing protocol, which is one of famous mobile ad-hoc rooting protocols, has the following network path problem. this paper is the security structure that defined in a mobile network and security and watches all kinds of password related technology related to the existing authentication system. It looks up weakness point on security with a problem on the design that uses Ad-hoc based structure and transmission hierarchical security back of a mobile network, and a server-client holds for user authentication of an application level all and all, and it provides one counterproposal. Java Card Authentication of mobile node can possibly be applied to the area of M-Commerce, Wireless Security, and Ubiquitous Computing and so on.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.3
• /
• pp.727-733
• /
• 2008

An authentication between a user's terminal and a Access Control Router (ACR) is preceded so that a user receives secure WiBro services. Otherwise they can be exposed from many attack risks. So the Telecommunications Technology Association (TTA) constituted a mechanism of the mutual authentication for WiBro service. In mechanism a user executes the mutual authentication between a Portable Equipment (PE) and the ACR by using Portable Internet Subscriber Identity Module (PISIM). But this standard needs many message to authenticate the ACR and the users cann't use wireless Internet service. Therefore in this paper we propose the key agreement protocol between the PSS and the ACR to authenticate the PSS to ACR. At this time Power Support Device (PSD) fer supporting the calculated quantity of the PSS is participated in the key agreement protocol. The ACR sends a generated key to Key Authentication Server (KAS) via secure IPsec tunnel and then it preserves the identity of the PSS and the value of key after it enciphered them. In conclusion we analyze the security and efficiency of the proposed protocol.

• Journal of Broadcast Engineering
• /
• v.14 no.4
• /
• pp.463-474
• /
• 2009

By employing the subscriber concept in broadcasting services, IPTV (Internet Protocol Television) operators provide various grades of services to subscribers based on the billing level of the subscribers. With the income from subscribers for a basis, IPTV operators plan to provide high quality services. Since Web browser-based IPTV provides T-commerce and E-commerce services as well as television services, users may frequently visit other service domains to buy goods or content. To provide the user with charged or private services, these service domains request authentication of user. The existing authentication system is not appropriate for the IPTV service environment because the environment unavoidably forces the user to cross from one authentication-based service domain to another. Single sign-on provides a user with transparent authentication services by enabling an authenticated user to move between authentication-based service domains without any re-authentication. Like this distributed environment, since the IPTV service environment also provides a variety of authentication-based services, transparent authentication service needs to be provided to subscribers who want to access charged or private services. In this paper, we propose a new user authentication scheme for the IPTV environment. This scheme integrates the Security Assertion Markup Language (SAML), which is a standard for XML-based single sign on. We validate this scheme using a simple use case scenario.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.12
• /
• pp.944-953
• /
• 2013

Recently, a storage media is becoming smaller and storage capacity is also becoming larger than before. However, important data was leaked through a small storage media. To solve these serious problem, many security companies manufacture secure USBs with secure function, such as data encryption, user authentication, not copying data, and management system for secure USB, etc. But various attacks, such as extracting flash memory from USBs, password hacking or memory dump, and bypassing fingerprint authentication, have appeared. Therefore, security techniques related to secure USBs have to concern many threats for them. The basic components for a secure USB are secure authentication and data encryption techniques. Though existing secure USBs applied password based user authentication, it is necessary to develop more secure authentication because many threats have appeared. And encryption chipsets are used for data encryption however we also concern key managements. Therefore, this paper suggests mutual device authentication based on PUF (Physical Unclonable Function) between USBs and the authentication server and key management without storing the secret key. Moreover, secure USB is systematically managed with metadata and authentication information stored in authentication server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.769-780
• /
• 2014

In general, internet users need to remember several IDs and passwords when they use diverse web sites. From an effective management perspective, SSO system was suggested to reduce user inconvenience. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system has security vulnerability problems of password and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack. When user credentials are seized by attackers, an authorized session can be obtained through a replay attack. In this paper, an improved SSO authentication model based on the broker-based model and a secure lightweight SSO mechanism against credential replay attack is proposed.

• The Journal of the Korea Contents Association
• /
• v.20 no.9
• /
• pp.389-396
• /
• 2020

E-authentication is one of the key functions for electronic transactions with the identification function made through the information systems. With the abolition of the mandatory use of public certificates, various private e-authentication services have emerged, and are developing to provide various additional services in addition to e-authentication. In this study, we explored the factors that affect user satisfaction with e-authentication services, compared the relative influence among the factors that we explored, and produced implications that could contribute to strengthening the competitiveness of e-authentication services. Based on the characteristics of e-authentication service, we searched and found four factors such as availability, convenience, added functionality and security. After that, we established and analyzed our research model to analyze the causal relationship between these four factors and user satisfaction. The analysis results showed that availability, convenience and security had significant effects on user satisfaction, but added functionality had no significant impact. In addition, compared to availability and convenience, security had a very strong impact on user satisfaction. This study suggests that e-authentication service providers should make efforts to make users aware of the usefulness of additional services while enhancing security.

• Journal of Convergence Society for SMB
• /
• v.5 no.3
• /
• pp.9-13
• /
• 2015

With the advance of ICT, the necessity of user authentication to verify the identity of an opponent online not face to face is increasing. The authentication, the basis of the security, is used in various fields. Because ID-based authentication has weaknesses in terms of stability and losses, two or more than two authentication tools are used in the place in which the security is important. Recently, biometric authentication rather than ID, OTP, SMS authentication has been an issue in terms of credibility and efficiency. As the fields applied to current biometric recognition technologies are increasing, the application of the biometric recognition is being used in various fields such as mobile payment system, intelligent CCTV, immigration inspection, and access control. As the biometric recognition, finger print, iris, retina, vein, and face recognition have been studied actively. This study is to inspect the current state of domestic and foreign standardization including understanding of the face recognition and the trend of technology.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.191-200
• /
• 2007

As the IEEE 802.11 WLAN has widely installed as a high-speed wireless network information infrastructure, there has been growing interest in both security and mobility of mobile terminals. However, for the case of mobile terminal employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x for stronger security enforcement may, due to its large delay, not be suitable for real-time multimedia communication. In this paper, we have proposed fast authentication method to resolve the above authentication delay problem, and verifies its performance via simulation analysis. Mobile terminals can get AP information reliably, and selectively execute authentication in advance during handover, which results in fast user authentication. In addition, by effectively managing the authentication information in mobile terminal, which are distributed in advance for pre-authentication, the problem of long-time revelation of authentication information has been solved.